[CALUG] Questions on Linux kernel coding

Jim Sansing jjsansing at verizon.net
Fri Mar 11 10:35:34 EST 2011


I am working on a Linux kernel (version 2.6.24+) module that uses
Netfilter to intercept packets and modify them.  This is working, but
inconsistently.  The main problem is that when packets (ie. the skbuff
structure) is returned to the stack, sometimes they do not get
processed.  I am having a hard time figuring out where the skb goes when
I call the 'okfn' (callback function) that Netfilter provides.

My debugging is currently the use of printk statements, using dmesg to
view their output.  These are lost if the system reboots unless the
crash dump facility works, which allows me to capture the kernel log.
Unfortunately, I don't always get a crash dump.

Also, I have not been able to use the gdb debugger on the crash dump
because it requires a kernel build with the debugging symbols, which is
over 100Meg and must be built specifically for each kernel.  I have not
been able to find instructions for how to do this correctly.

My specific questions are:

Q1: How can I consistently get crash dumps?

Q2: What is the correct procedure for building the kernel symbols file
to use a debugger on crash dumps?

Q3: Is there a way to identify a function by its address in the live
code?  (I have seen stack traces in the kernel log, is there a way I can
get access to that?)

Q4: If you have experience with Netfilter, may I pick your brain?

Q5: Have you had any experience using the kernel debugger for doing
interactive kernel debugging?  The procedures for setting this up look
very complicated and I would like to know how useful this is before
going down that path.

Q6: What general comments on debugging kernel module code can you offer
based on personal experience?


Thanks in advance.

Later . . .   Jim




More information about the CALUG mailing list